Efficient Decentralized Ciphertext-Policy Attribute Based Encryption With Fine-Grained Revocation

• 1、College of Computer Science and Electronic Engineering, Hunan University, Changsha 410082

Abstract：Ciphertext-policy attribute based encryption (CP-ABE) enables flexible access control for cloud storage. If and only if a user\'s attributes satisfy the pre-defined access policy, which is embedded in the ciphertext, user can decrypt the data. Especially, decentralized CP-ABE is suitable for distributed system due to more flexible attribute management. Nevertheless, the access policy for uploading data to the cloud is explicit, which might lead to privacy leakage. A user\'s privacy can be traced by his/her unique identifier. Existing works either pay little attention to protecting user\'s privacy from attribute-authorities colluding, or have vast computational overheads for enhanced security. In this paper, an efficient decentralized CP-ABE with fine-grained revocation is proposed for cloud storage. To improve privacy protection, user\'s attributes are hide in the access policy, and an anonymous key protocol is constructed to make user\'s be unknown to attribute authorities. Meanwhile, complicated tasks such as pairing and exponential operations in encryption and decryption are outsourced to the cloud. The proposed scheme is friendly to resource-constrained end-users. Even fine-grained attribute revocation used to be complex, our scheme requires only updating part of user\'s secret key and re-encrypting part of ciphertext. Extensive performance analysis shows that the proposed scheme is more efficient and improves privacy, which makes it be more feasible for cloud.

keywords： Informatiion security cloud computing attribute based encryption privacy preserving online/offline encryption outsourced decryption

点击查看论文中文信息

点击收起